bn
/
se


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429
							<?php


class UsersLdapHelper {

	public static function getUser($userName, $allAttrs = false) {
		$ldapUsers = array();

		//$attrMap = array('uid', 'apple-generateduid', 'givenName', 'uidNumber', 'cn', 'mail', 'apple-user-mailattribute');// (givenName, sn) = cn
		$attrMap = array();
		$attrMap['uid'] = 'uid';
		$attrMap['apple-generateduid'] = 'apple-generateduid';
		$attrMap['givenName'] = 'givenName';
		$attrMap['uidNumber'] = 'uidNumber';
		$attrMap['cn'] = 'cn';
		$attrMap['mail'] = 'mail';
		$attrMap['carLicense'] = 'carLicense';

		Lib::loadClass('LDAP');
		$ldap = LDAP::getInstance();

		$filter = (false !== strpos($userName, '@'))? "(mail={$userName})" : "(uid={$userName})";
		$filter = "(&(objectClass=apple-user){$filter})";// apple-user posixAccount inetOrgPerson
		//$filter = "(&(objectClass=inetOrgPerson){$filter})";
		$attributes = array();
		$res = $ldap->search($filter, 'cn=users', $attributes);
		$entry = $ldap->first_entry($res);
		while ($entry) {
			$attrs = $ldap->get_attributes($entry);
			if(V::get('DBG_L', '', $_GET) > 0){echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">attrs(' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($attrs);echo'</pre>';}
			$userObj = new stdClass();
			if ($allAttrs) {
				for ($i = 0; $i < $attrs['count']; $i++) {
					$vAttrName = $attrs[$i];
					$vAttrVal = $attrs[$vAttrName];
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						$userObj->{$vAttrName} = $vAttrVal[0];
					}
				}
			} else {
				foreach ($attrMap as $kAttrName => $vFldName) {
					$vAttrVal = V::get($kAttrName, '', $attrs);
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						if ($vAttrVal['count'] > 1) {
							$userObj->{$vFldName} = array();
							for ($j = 0; $j < $vAttrVal['count']; $j++) {
								$userObj->{$vFldName}[] = $vAttrVal[$j];
							}
						} else {
							$userObj->{$vFldName} = $vAttrVal[0];
						}
					}
				}
			}
			$ldapUsers[] = $userObj;

			$entry = $ldap->next_entry($entry);
		}
		$ldap->free_result($res);

		return $ldapUsers;
	}

	public static function getUsersAll() {
		$allLdapUsers = array();

		$attrMap = array('uid', 'apple-generateduid', 'givenName', 'uidNumber', 'cn', 'mail', 'carLicense');// (givenName, sn) = cn

		Lib::loadClass('LDAP');
		$ldap = LDAP::getInstance();

		$filter = "(objectClass=apple-user)";// apple-user posixAccount inetOrgPerson
		$attributes = array();
		$res = $ldap->search($filter, 'cn=users', $attributes);
		$entry = $ldap->first_entry($res);
		while ($entry) {
			$attrs = $ldap->get_attributes($entry);
			$userObj = new stdClass();
			foreach ($attrMap as $vAttrName) {
				$vAttrVal = V::get($vAttrName, '', $attrs);
				if (is_array($vAttrVal) && !empty($vAttrVal)) {
					$userObj->{$vAttrName} = $vAttrVal[0];
				}
			}
			$allLdapUsers[] = $userObj;

			$entry = $ldap->next_entry($entry);
		}
		$ldap->free_result($res);

		return $allLdapUsers;
	}

	public static function getUserGroups($userName, $authLDAPSubGroupDepth = 3) {
		$userLdapGroups = array();

		$attrMap = array('apple-generateduid'=>'appleUID', 'gidNumber'=>'gidNumber', 'cn'=>'cn');// (givenName, sn) = cn

		Lib::loadClass('LDAP');
		$ldap = LDAP::getInstance();

		$lastLoopFound = array();
		for ($i = 0; $i <= $authLDAPSubGroupDepth; $i++) {
			$userLdapGroupsAdd = array();

			if ($i == 0) {
				$filter = "(&(objectClass=apple-group)(memberUid={$userName}))";
			} else {
				$queryOrArr = array();
				foreach ($lastLoopFound as $vAppleUid) {
					$queryOrArr[] = "apple-group-nestedgroup={$vAppleUid}";
				}
				if (!empty($queryOrArr)) {
					$queryOr = '(|(' . implode(')(', $queryOrArr) . '))';
					$filter = "(&(objectClass=apple-group){$queryOr})";
				} else {
					break;
				}
			}

			//if($DBG){echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">ldap_search (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r(array('ldaprdn'=>'cn=groups,' . $ldap->getBaseDN(), 'filter'=>$filter, 'attributes'=>$attributes));echo'</pre>';}

			$attributes = array();
			$res = $ldap->search($filter, 'cn=groups', $attributes);
			if(V::get('DBG_L', '', $_GET) > 0){echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">search(' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($filter);echo'</pre>';}
			$entry = $ldap->first_entry($res);
			while ($entry) {
				$attrs = $ldap->get_attributes($entry);
				if(V::get('DBG_L', '', $_GET) > 0){echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">user('.$userName.') (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($attrs);echo'</pre>';}

				$groupObj = new stdClass();
				foreach ($attrMap as $kAttrName => $vField) {
					$vAttrVal = V::get($kAttrName, '', $attrs);
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						$groupObj->{$vField} = $vAttrVal[0];
					}
				}

				if ($groupObj->cn && $groupObj->gidNumber) {
					$userLdapGroupsAdd[$groupObj->gidNumber] = $groupObj;
				} else {
					echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">Error: brak cn lub apple-generateduid (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($attrs);echo'</pre>';
				}

				$entry = $ldap->next_entry($entry);
			}
			$ldap->free_result($res);

			if (empty($userLdapGroupsAdd)) {
				break;
			} else {
				if(V::get('DBG_L', '', $_GET) > 0){echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">userLdapGroupsAdd('.count($userLdapGroupsAdd).') (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($userLdapGroupsAdd);echo'</pre>';}
				$lastLoopFound = array();
				foreach ($userLdapGroupsAdd as $kAppleID => $vGroup) {
					$userLdapGroups[$kAppleID] = $vGroup;
					$lastLoopFound[] = $vGroup->appleUID;
				}
				//$lastLoopFound = array_keys($userLdapGroupsAdd);
			}
		}

		return $userLdapGroups;
	}

	public static function getGroupsByAppleUids($appleUids, $allAttrs = false) {
		$allLdapGroups = array();
		if (empty($appleUids)) return $allLdapGroups;

		$attrMap = array('apple-generateduid'=>'appleUID', 'gidNumber'=>'gidNumber', 'cn'=>'cn');// (givenName, sn) = cn
		$attrMap['apple-group-realname'] = 'realName';
		$attrMap['apple-group-nestedgroup'] = 'nestedGroups';

		Lib::loadClass('LDAP');
		$ldap = LDAP::getInstance();

		$filters = array();
		foreach ($appleUids as $vAppleUid) $filters[] = "(apple-generateduid={$vAppleUid})";
		$filter = "(&(objectClass=apple-group)(|" . implode("", $filters) . "))";
		$attributes = array();
		$res = $ldap->search($filter, 'cn=groups', $attributes);
		$entry = $ldap->first_entry($res);
		while ($entry) {
			$attrs = $ldap->get_attributes($entry);

			$groupObj = new stdClass();

			if ($allAttrs) {
				for ($i = 0; $i < $attrs['count']; $i++) {
					$vAttrName = $attrs[$i];
					$vFldName = V::get($vAttrName, $vAttrName, $attrMap);
					$vAttrVal = $attrs[$vAttrName];
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						if ($vAttrVal['count'] > 1) {
							$groupObj->{$vFldName} = array();
							for ($j = 0; $j < $vAttrVal['count']; $j++) {
								$groupObj->{$vFldName}[] = $vAttrVal[$j];
							}
						} else {
							$groupObj->{$vFldName} = $vAttrVal[0];
						}
					}
				}
			} else {
				foreach ($attrMap as $kAttrName => $vFldName) {
					$vAttrVal = V::get($kAttrName, '', $attrs);
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						if ($vAttrVal['count'] > 1) {
							$groupObj->{$vFldName} = array();
							for ($j = 0; $j < $vAttrVal['count']; $j++) {
								$groupObj->{$vFldName}[] = $vAttrVal[$j];
							}
						} else {
							$groupObj->{$vFldName} = $vAttrVal[0];
						}
					}
				}
			}


			if ($groupObj->cn && $groupObj->appleUID) {
				$allLdapGroups[$groupObj->appleUID] = $groupObj;
			} else {
				echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">Error: brak cn lub apple-generateduid (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r(array('attrs'=>$attrs, 'groupObj'=>$groupObj));echo'</pre>';
			}

			$entry = $ldap->next_entry($entry);
		}
		$ldap->free_result($res);

		return $allLdapGroups;
	}

	public static function getParentGroupsByAppleUID($appleUid, $allAttrs = false) {
		$allLdapGroups = array();
		if (!$appleUid) return $allLdapGroups;

		$attrMap = array('apple-generateduid'=>'appleUID', 'gidNumber'=>'gidNumber', 'cn'=>'cn');// (givenName, sn) = cn
		$attrMap['apple-group-realname'] = 'realName';
		$attrMap['apple-group-nestedgroup'] = 'nestedGroups';

		Lib::loadClass('LDAP');
		$ldap = LDAP::getInstance();

		$filters = array();
		$filter = "(&(objectClass=apple-group)(apple-group-nestedgroup={$appleUid}))";
		$attributes = array();
		$res = $ldap->search($filter, 'cn=groups', $attributes);
		$entry = $ldap->first_entry($res);
		while ($entry) {
			$attrs = $ldap->get_attributes($entry);

			$groupObj = new stdClass();

			if ($allAttrs) {
				for ($i = 0; $i < $attrs['count']; $i++) {
					$vAttrName = $attrs[$i];
					$vFldName = V::get($vAttrName, $vAttrName, $attrMap);
					$vAttrVal = $attrs[$vAttrName];
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						if ($vAttrVal['count'] > 1) {
							$groupObj->{$vFldName} = array();
							for ($j = 0; $j < $vAttrVal['count']; $j++) {
								$groupObj->{$vFldName}[] = $vAttrVal[$j];
							}
						} else {
							$groupObj->{$vFldName} = $vAttrVal[0];
						}
					}
				}
			} else {
				foreach ($attrMap as $kAttrName => $vFldName) {
					$vAttrVal = V::get($kAttrName, '', $attrs);
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						if ($vAttrVal['count'] > 1) {
							$groupObj->{$vFldName} = array();
							for ($j = 0; $j < $vAttrVal['count']; $j++) {
								$groupObj->{$vFldName}[] = $vAttrVal[$j];
							}
						} else {
							$groupObj->{$vFldName} = $vAttrVal[0];
						}
					}
				}
			}

			if ($groupObj->cn && $groupObj->appleUID) {
				$allLdapGroups[$groupObj->appleUID] = $groupObj;
			} else {
				echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">Error: brak cn lub apple-generateduid (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r(array('attrs'=>$attrs, 'groupObj'=>$groupObj));echo'</pre>';
			}

			$entry = $ldap->next_entry($entry);
		}
		$ldap->free_result($res);

		return $allLdapGroups;
	}

	public static function getGroupsByID($groupID, $allAttrs = false) {
		$allLdapGroups = array();

		$attrMap = array('apple-generateduid'=>'appleUID', 'gidNumber'=>'gidNumber', 'cn'=>'cn');// (givenName, sn) = cn
		$attrMap['apple-group-realname'] = 'realName';
		$attrMap['apple-group-nestedgroup'] = 'nestedGroups';

		Lib::loadClass('LDAP');
		$ldap = LDAP::getInstance();

		$filter = "(&(objectClass=apple-group)(|(cn={$groupID}-*)(cn={$groupID}_*)))";
		$attributes = array();
		$res = $ldap->search($filter, 'cn=groups', $attributes);
		$entry = $ldap->first_entry($res);
		while ($entry) {
			$attrs = $ldap->get_attributes($entry);

			$groupObj = new stdClass();

			if ($allAttrs) {
				for ($i = 0; $i < $attrs['count']; $i++) {
					$vAttrName = $attrs[$i];
					$vFldName = V::get($vAttrName, $vAttrName, $attrMap);
					$vAttrVal = $attrs[$vAttrName];
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						if ($vAttrVal['count'] > 1) {
							$groupObj->{$vFldName} = array();
							for ($j = 0; $j < $vAttrVal['count']; $j++) {
								$groupObj->{$vFldName}[] = $vAttrVal[$j];
							}
						} else {
							$groupObj->{$vFldName} = $vAttrVal[0];
						}
					}
				}
			} else {
				foreach ($attrMap as $kAttrName => $vFldName) {
					$vAttrVal = V::get($kAttrName, '', $attrs);
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						if ($vAttrVal['count'] > 1) {
							$groupObj->{$vFldName} = array();
							for ($j = 0; $j < $vAttrVal['count']; $j++) {
								$groupObj->{$vFldName}[] = $vAttrVal[$j];
							}
						} else {
							$groupObj->{$vFldName} = $vAttrVal[0];
						}
					}
				}
			}


			if ($groupObj->cn && $groupObj->appleUID) {
				$allLdapGroups[$groupObj->appleUID] = $groupObj;
			} else {
				echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">Error: brak cn lub apple-generateduid (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r(array('attrs'=>$attrs, 'groupObj'=>$groupObj));echo'</pre>';
			}

			$entry = $ldap->next_entry($entry);
		}
		$ldap->free_result($res);

		return $allLdapGroups;
	}

	public static function getGroupsAll($allAttrs = false) {
		$allLdapGroups = array();

		$attrMap = array('apple-generateduid'=>'appleUID', 'gidNumber'=>'gidNumber', 'cn'=>'cn');// (givenName, sn) = cn
		$attrMap['apple-group-realname'] = 'realName';
		$attrMap['apple-group-nestedgroup'] = 'nestedGroups';

		Lib::loadClass('LDAP');
		$ldap = LDAP::getInstance();

		$filter = "(objectClass=apple-group)";
		$attributes = array();
		$res = $ldap->search($filter, 'cn=groups', $attributes);
		$entry = $ldap->first_entry($res);
		while ($entry) {
			$attrs = $ldap->get_attributes($entry);

			$groupObj = new stdClass();

			if ($allAttrs) {
				for ($i = 0; $i < $attrs['count']; $i++) {
					$vAttrName = $attrs[$i];
					$vFldName = V::get($vAttrName, $vAttrName, $attrMap);
					$vAttrVal = $attrs[$vAttrName];
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						if ($vAttrVal['count'] > 1) {
							$groupObj->{$vFldName} = array();
							for ($j = 0; $j < $vAttrVal['count']; $j++) {
								$groupObj->{$vFldName}[] = $vAttrVal[$j];
							}
						} else {
							$groupObj->{$vFldName} = $vAttrVal[0];
						}
					}
				}
			} else {
				foreach ($attrMap as $kAttrName => $vFldName) {
					$vAttrVal = V::get($kAttrName, '', $attrs);
					if (is_array($vAttrVal) && !empty($vAttrVal)) {
						if ($vAttrVal['count'] > 1) {
							$groupObj->{$vFldName} = array();
							for ($j = 0; $j < $vAttrVal['count']; $j++) {
								$groupObj->{$vFldName}[] = $vAttrVal[$j];
							}
						} else {
							$groupObj->{$vFldName} = $vAttrVal[0];
						}
					}
				}
			}


			if ($groupObj->cn && $groupObj->appleUID) {
				$allLdapGroups[$groupObj->appleUID] = $groupObj;
			} else {
				echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">Error: brak cn lub apple-generateduid (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r(array('attrs'=>$attrs, 'groupObj'=>$groupObj));echo'</pre>';
			}

			$entry = $ldap->next_entry($entry);
		}
		$ldap->free_result($res);

		return $allLdapGroups;
	}

}